projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph...
[deliverable/linux.git] / net / ipv4 / netfilter / nft_chain_nat_ipv4.c
CommitLineData
96518518 1/*
ef1f7df9 2 * Copyright (c) 2008-2009 Patrick McHardy <kaber@trash.net>
9370761c 3 * Copyright (c) 2012 Pablo Neira Ayuso <pablo@netfilter.org>
eb31628e 4 * Copyright (c) 2012 Intel Corporation
96518518
PM		 5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
9 *
10 * Development of this code funded by Astaro AG (http://www.astaro.com/)
11 */
12
13#include <linux/module.h>
14#include <linux/init.h>
15#include <linux/list.h>
16#include <linux/skbuff.h>
17#include <linux/ip.h>
96518518
PM		 18#include <linux/netfilter.h>
19#include <linux/netfilter_ipv4.h>
96518518
PM		 20#include <linux/netfilter/nf_tables.h>
21#include <net/netfilter/nf_conntrack.h>
22#include <net/netfilter/nf_nat.h>
23#include <net/netfilter/nf_nat_core.h>
24#include <net/netfilter/nf_tables.h>
0ca743a5 25#include <net/netfilter/nf_tables_ipv4.h>
96518518
PM		 26#include <net/netfilter/nf_nat_l3proto.h>
27#include <net/ip.h>
28
06198b34 29static unsigned int nft_nat_do_chain(void *priv,
65cd90ac 30 struct sk_buff *skb,
d7cf4081 31 const struct nf_hook_state *state,
65cd90ac 32 struct nf_conn *ct)
96518518 33{
0ca743a5 34 struct nft_pktinfo pkt;
96518518 35
6aa187f2 36 nft_set_pktinfo_ipv4(&pkt, skb, state);
0ca743a5 37
06198b34 38 return nft_do_chain(&pkt, priv);
96518518
PM		 39}
40
06198b34 41static unsigned int nft_nat_ipv4_fn(void *priv,
65cd90ac 42 struct sk_buff *skb,
238e54c9 43 const struct nf_hook_state *state)
96518518 44{
06198b34 45 return nf_nat_ipv4_fn(priv, skb, state, nft_nat_do_chain);
96518518
PM		 46}
47
06198b34 48static unsigned int nft_nat_ipv4_in(void *priv,
65cd90ac 49 struct sk_buff *skb,
238e54c9 50 const struct nf_hook_state *state)
96518518 51{
06198b34 52 return nf_nat_ipv4_in(priv, skb, state, nft_nat_do_chain);
96518518
PM		 53}
54
06198b34 55static unsigned int nft_nat_ipv4_out(void *priv,
65cd90ac 56 struct sk_buff *skb,
238e54c9 57 const struct nf_hook_state *state)
96518518 58{
06198b34 59 return nf_nat_ipv4_out(priv, skb, state, nft_nat_do_chain);
65cd90ac 60}
96518518 61
06198b34 62static unsigned int nft_nat_ipv4_local_fn(void *priv,
65cd90ac 63 struct sk_buff *skb,
238e54c9 64 const struct nf_hook_state *state)
65cd90ac 65{
06198b34 66 return nf_nat_ipv4_local_fn(priv, skb, state, nft_nat_do_chain);
96518518
PM		 67}
68
2a37d755 69static const struct nf_chain_type nft_chain_nat_ipv4 = {
9370761c
PNA		 70 .name = "nat",
71 .type = NFT_CHAIN_T_NAT,
fa2c1de0
PM		 72 .family = NFPROTO_IPV4,
73 .owner = THIS_MODULE,
9370761c
PNA		 74 .hook_mask = (1 << NF_INET_PRE_ROUTING) |
75 (1 << NF_INET_POST_ROUTING) |
76 (1 << NF_INET_LOCAL_OUT) |
77 (1 << NF_INET_LOCAL_IN),
fa2c1de0 78 .hooks = {
65cd90ac
PNA		 79 [NF_INET_PRE_ROUTING] = nft_nat_ipv4_in,
80 [NF_INET_POST_ROUTING] = nft_nat_ipv4_out,
81 [NF_INET_LOCAL_OUT] = nft_nat_ipv4_local_fn,
82 [NF_INET_LOCAL_IN] = nft_nat_ipv4_fn,
96518518
PM		 83 },
84};
85
9370761c 86static int __init nft_chain_nat_init(void)
96518518
PM		 87{
88 int err;
89
9370761c 90 err = nft_register_chain_type(&nft_chain_nat_ipv4);
96518518 91 if (err < 0)
9370761c 92 return err;
96518518 93
96518518 94 return 0;
96518518
PM		 95}
96
9370761c 97static void __exit nft_chain_nat_exit(void)
96518518 98{
9370761c 99 nft_unregister_chain_type(&nft_chain_nat_ipv4);
96518518
PM		 100}
101
9370761c
PNA		 102module_init(nft_chain_nat_init);
103module_exit(nft_chain_nat_exit);
96518518
PM		 104
105MODULE_LICENSE("GPL");
106MODULE_AUTHOR("Patrick McHardy <kaber@trash.net>");
9370761c 107MODULE_ALIAS_NFT_CHAIN(AF_INET, "nat");
Linux kernel - Deliverables
This page took 0.22906 seconds and 5 git commands to generate.